October 2, 2024 at 01:27PM
Group-IB reported on a large-scale fraud campaign involving fake trading apps on the Apple App Store and Google Play Store, using phishing sites to deceive victims. Operating globally, the campaign leverages social engineering, targeting victims for investment fraud. The cybercriminals utilized a fake app to deceive victims into making investments, subsequently stealing their funds.
The campaign involves fake trading apps and phishing sites that target victims with the promise of financial gain through cryptocurrency and investment schemes. The cybercriminals behind the operation have used manipulative tactics such as luring victims into investments under the guise of romantic relationships or investment advice.
The campaign, a type of fraud known as pig butchering, has a global reach, with victims reported across Asia-Pacific, Europe, the Middle East and Africa. The fraudulent apps, built using the UniApp Framework, have been classified under the moniker UniShadowTrade.
Notably, one of the apps managed to bypass Apple’s App Store review process, which made it significantly harder to identify the malicious nature of the app. Additionally, the cybercriminals behind the operation have utilized phishing websites to distribute the fraudulent apps for both Android and iOS platforms.
Once the victims install and open the app, they are prompted to provide personal information and agree to invest, after which they are deceived into making deposits with the promise of high returns. However, attempting to withdraw the funds leads to requests for additional fees, ultimately resulting in the theft of the victims’ funds.
The cybercriminals also utilized novel tactics, including embedded configurations and the use of legitimate services to host configuration information, in order to minimize detection and avoid raising red flags.
Furthermore, the fraud campaign extended to the Google Play Store with fake stock investment apps, exploiting the trust of users in secure platforms. The cybercriminals specifically targeted users in various countries, with the apps being downloaded fewer than 5,000 times, indicating a relatively low but impactful distribution.
Overall, it’s crucial to raise awareness about these fraudulent activities and ensure users are vigilant when engaging with financial or investment apps, especially those promising quick and easy financial gains.